1(630)802-8605 Ravi.das@bn-inc.net

It is a hot, steamy day here in Chicago.  Probably will hit greater than 100 degrees today!  So, as I peruse the headlines yet again this morning, I come yet across another theme in a part of the world where the temperatures are just as hot or even hotter than here in Chicago.  The land I am talking about is the Middle East.

When we conjure up this area, hatred towards the United States very often come into mind, especially when it comes to oil and Cyber-attacks. But really, this part of the world is friendly to us, it’s just a few rogue countries that just simply don’t like what we stand for.

I was just reading this morning that, the Middle East, while some of the economies may be booming because of oil (such as Qatar, Oman, the United Arab Emirates, Bahrain, etc.) these countries actually possess a very weak Security Infrastructure.

According to a report released by Kaspersky Lab, the level of protection against Cyber attackers was ranked as “extremely low” for 43% of the companies that are based in the Middle East.  The report also revealed that 73% of successful Cyber-attacks were achieved by penetrating vulnerable web applications.

Now, with the rise in these attacks, the Cyber security industry in the Middle East is also a booming one, which is expected to be worth well over $12 Billion in the coming years.

The graphic below depicts some of these alarming statistics:

Some “noteworthy” Cyber-attacks that have occurred in the Middle East include the following:

*The Shamoon virus that first appeared in Saudi Arabia in 2012 crippled 35,000 computers at Saudi Aramco.  This happens to be the world’s largest oil producer.

*A virus was also found in the computer network of Qatar’s RasGas.  This organization is a producer of liquefied natural gas.

Other statistics which prove just how vulnerable the Middle East is:

*The Cyber attacks in the Middle East have cost thus far over $500,000, which is nothing compared to what the United States faces on a daily basis.

*58% of the businesses had outages of greater than five hours.

*There were 2.4 million Ransomware attacks in the UAE, followed by Kuwait and Bahrain with 1.9 million and 1.2 million respectively.

One the main reasons cited for all of these Cyber attacks is that the Middle East is still primarily dependent upon using only passwords as their primary means of authentication.  In fact, 80% of businesses and corporations in the Middle East only use this, they do not rely upon other means of authentication, such as Biometrics (namely Facial Recognition, Iris Recognition, and Fingerprint Recognition).

It is highly expected that the trend of hijacking websites to compromise username/password combinations will only continue to proliferate further, as well as the newest form of malware, which is known as “Crypto-Jacking”.  It is also feared that the region’s Operational Technology ecosystem will be a prime target.  Also, it is expected by Cyber security experts that the theft of confidential information and data will be on the rise as well.

In summary: “Oil and gas and utilities industries will be more at risk with the rise in sophisticated cyber attacks . . . Cyber attackers are becoming smarter and faster in how they leverage exploits to their advantage, and organizations in the Middle East are at high risk of being targeted.”  (SOURCE:  https://www.thenational.ae/business/technology/long-way-to-go-for-middle-east-enterprises-in-cyber-security-1.763948).

My thoughts?

Honestly, I was surprised to see that the Middle East is so much more vulnerable to Cyber attacks than we are here in the United States.  I thought with all the money they made in oil, surely some of that money must have gone into improving Cyber security.  I guess not.  Just a couple of days ago, I wrote a blog as to how the United States should counter attack if it was ever faced with a Cyber-attack from the Middle East again.

The answer to that question now lies into where the country where the Cyber attack actually occurs.  If it is enemy of ours, then I would say yes, limited military strikes might be a good choice.  But keep in mind that Cyber attackers will achieve their goal at all cost, even if it means sacrificing human lives in the process.

For this reason, Cyber attack groups may even send their operatives to the friendly countries (as described earlier) in order to make it look like that they were the country of origin.  We need to be careful in these regards and investigate thoroughly before we launch a reprisal.

But, here is another interesting tidbit:  Because of these recent incidents in the Middle East, the Cyber Security rating of your organization may even prove to be more important than your credit rating.  How so?  Stay tuned for the next blog . . .